Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Cable One Inc.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:
Type Details Datetime
attackspambots
Dec  4 04:03:49 lvps92-51-164-246 sshd[30906]: User r.r from 160-2-129-142.cpe.sparklight.net not allowed because not listed in AllowUsers
Dec  4 04:03:49 lvps92-51-164-246 sshd[30906]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=160-2-129-142.cpe.sparklight.net  user=r.r
Dec  4 04:03:51 lvps92-51-164-246 sshd[30906]: Failed password for invalid user r.r from 160.2.129.142 port 36256 ssh2
Dec  4 04:03:51 lvps92-51-164-246 sshd[30906]: Received disconnect from 160.2.129.142: 11: Bye Bye [preauth]
Dec  4 05:17:23 lvps92-51-164-246 sshd[31532]: Invalid user mlsna from 160.2.129.142
Dec  4 05:17:23 lvps92-51-164-246 sshd[31532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=160-2-129-142.cpe.sparklight.net 
Dec  4 05:17:25 lvps92-51-164-246 sshd[31532]: Failed password for invalid user mlsna from 160.2.129.142 port 56880 ssh2
Dec  4 05:17:26 lvps92-51-164-246 sshd[31532]: Received disconne........
-------------------------------
2019-12-04 17:08:59
Comments on same subnet:
No discussion about this subnet yet..
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 160.2.129.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3809
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;160.2.129.142.			IN	A

;; AUTHORITY SECTION:
.			427	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120401 1800 900 604800 86400

;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 04 17:08:56 CST 2019
;; MSG SIZE  rcvd: 117
Host info
142.129.2.160.in-addr.arpa domain name pointer 160-2-129-142.cpe.sparklight.net.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
142.129.2.160.in-addr.arpa	name = 160-2-129-142.cpe.sparklight.net.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
187.174.191.154 attackspam
Oct 22 07:12:30 mail sshd[19389]: Invalid user web from 187.174.191.154
Oct 22 07:12:30 mail sshd[19389]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.174.191.154
Oct 22 07:12:30 mail sshd[19389]: Invalid user web from 187.174.191.154
Oct 22 07:12:32 mail sshd[19389]: Failed password for invalid user web from 187.174.191.154 port 41790 ssh2
Oct 22 07:27:11 mail sshd[21187]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.174.191.154  user=root
Oct 22 07:27:13 mail sshd[21187]: Failed password for root from 187.174.191.154 port 52796 ssh2
...
2019-10-23 18:51:40
89.46.125.39 attack
Oct 23 12:56:22 rotator sshd\[2584\]: Invalid user uoa from 89.46.125.39
Oct 23 12:56:23 rotator sshd\[2584\]: Failed password for invalid user uoa from 89.46.125.39 port 42736 ssh2
Oct 23 12:56:25 rotator sshd\[2584\]: Failed password for invalid user uoa from 89.46.125.39 port 42736 ssh2
Oct 23 12:56:27 rotator sshd\[2586\]: Invalid user update from 89.46.125.39
Oct 23 12:56:30 rotator sshd\[2586\]: Failed password for invalid user update from 89.46.125.39 port 49410 ssh2
Oct 23 12:56:32 rotator sshd\[2588\]: Invalid user upgrade from 89.46.125.39
...
2019-10-23 18:57:34
129.211.108.202 attackspambots
Oct 21 04:50:11 reporting sshd[20014]: Invalid user shadow from 129.211.108.202
Oct 21 04:50:11 reporting sshd[20014]: Failed password for invalid user shadow from 129.211.108.202 port 54833 ssh2
Oct 21 05:00:20 reporting sshd[26182]: Invalid user oracle from 129.211.108.202
Oct 21 05:00:20 reporting sshd[26182]: Failed password for invalid user oracle from 129.211.108.202 port 33197 ssh2
Oct 21 05:04:28 reporting sshd[29173]: Invalid user kumuda from 129.211.108.202
Oct 21 05:04:28 reporting sshd[29173]: Failed password for invalid user kumuda from 129.211.108.202 port 52457 ssh2


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=129.211.108.202
2019-10-23 18:46:21
159.65.230.189 attack
Oct 21 06:17:30 extapp sshd[31004]: Failed password for r.r from 159.65.230.189 port 49550 ssh2
Oct 21 06:17:31 extapp sshd[31006]: Invalid user admin from 159.65.230.189
Oct 21 06:17:34 extapp sshd[31006]: Failed password for invalid user admin from 159.65.230.189 port 53194 ssh2


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=159.65.230.189
2019-10-23 18:49:57
5.196.75.47 attackbotsspam
Oct 23 07:41:12 herz-der-gamer sshd[9514]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.196.75.47  user=root
Oct 23 07:41:14 herz-der-gamer sshd[9514]: Failed password for root from 5.196.75.47 port 34042 ssh2
Oct 23 08:00:12 herz-der-gamer sshd[9667]: Invalid user esbee from 5.196.75.47 port 40156
...
2019-10-23 18:56:48
181.92.233.148 attackspam
IP Ban Report :
https://help-dysk.pl/wordpress-firewall-plugins/ip/181.92.233.148/
US - 1H : (200)
Protection Against DDoS WordPress plugin :
"odzyskiwanie danych help-dysk"
IP Address Ranges by Country : US
NAME ASN : ASN7303
IP : 181.92.233.148
CIDR : 181.92.224.0/20
PREFIX COUNT : 1591
UNIQUE IP COUNT : 4138752
ATTACKS DETECTED ASN7303 :
 1H - 1
 3H - 1
 6H - 2
12H - 3
24H - 6
DateTime : 2019-10-23 05:47:06
INFO : Port Scan TELNET Detected and Blocked by ADMIN  - data recovery
2019-10-23 18:58:07
54.36.180.236 attackspam
Triggered by Fail2Ban at Vostok web server
2019-10-23 19:03:53
177.18.3.115 attack
Oct 15 09:21:40 localhost postfix/smtpd[27817]: disconnect from 177.18.3.115.dynamic.adsl.gvt.net.br[177.18.3.115] ehlo=1 auth=0/1 quhostname=1 commands=2/3
Oct 15 09:21:40 localhost postfix/smtpd[27819]: disconnect from 177.18.3.115.dynamic.adsl.gvt.net.br[177.18.3.115] ehlo=1 auth=0/1 quhostname=1 commands=2/3
Oct 15 09:21:44 localhost postfix/smtpd[27821]: disconnect from 177.18.3.115.dynamic.adsl.gvt.net.br[177.18.3.115] ehlo=1 auth=0/1 quhostname=1 commands=2/3
Oct 15 09:21:44 localhost postfix/smtpd[27822]: disconnect from 177.18.3.115.dynamic.adsl.gvt.net.br[177.18.3.115] ehlo=1 auth=0/1 quhostname=1 commands=2/3
Oct 15 09:21:45 localhost postfix/smtpd[27820]: disconnect from 177.18.3.115.dynamic.adsl.gvt.net.br[177.18.3.115] ehlo=1 auth=0/1 quhostname=1 commands=2/3


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=177.18.3.115
2019-10-23 19:00:40
200.89.178.2 attackbots
(From luong.luke@hotmail.com) Get free gas, free groceries, free movie and music downloads, product giveaways and more free offers just for completing small surveys, visit: http://freestuff.giveawaysusa.xyz
2019-10-23 19:03:02
152.136.100.66 attack
Oct 22 06:26:31 vps34202 sshd[3299]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.100.66  user=r.r
Oct 22 06:26:34 vps34202 sshd[3299]: Failed password for r.r from 152.136.100.66 port 56042 ssh2
Oct 22 06:26:34 vps34202 sshd[3299]: Received disconnect from 152.136.100.66: 11: Bye Bye [preauth]
Oct 22 06:33:40 vps34202 sshd[3576]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.100.66  user=r.r
Oct 22 06:33:42 vps34202 sshd[3576]: Failed password for r.r from 152.136.100.66 port 47938 ssh2
Oct 22 06:33:42 vps34202 sshd[3576]: Received disconnect from 152.136.100.66: 11: Bye Bye [preauth]
Oct 22 06:38:36 vps34202 sshd[3736]: Invalid user navy from 152.136.100.66
Oct 22 06:38:36 vps34202 sshd[3736]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.100.66 
Oct 22 06:38:38 vps34202 sshd[3736]: Failed password for invalid user navy........
-------------------------------
2019-10-23 19:08:50
167.99.81.101 attack
Unauthorized SSH login attempts
2019-10-23 18:48:04
185.211.245.198 attack
Oct 23 10:41:26 s1 postfix/submission/smtpd\[22593\]: warning: unknown\[185.211.245.198\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 23 10:41:33 s1 postfix/submission/smtpd\[1471\]: warning: unknown\[185.211.245.198\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 23 10:41:56 s1 postfix/submission/smtpd\[22593\]: warning: unknown\[185.211.245.198\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 23 10:42:03 s1 postfix/submission/smtpd\[1471\]: warning: unknown\[185.211.245.198\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 23 10:44:11 s1 postfix/submission/smtpd\[1471\]: warning: unknown\[185.211.245.198\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 23 10:44:16 s1 postfix/submission/smtpd\[4129\]: warning: unknown\[185.211.245.198\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 23 10:44:18 s1 postfix/submission/smtpd\[1471\]: warning: unknown\[185.211.245.198\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 23 10:44:36 s1 postfix/submission/smtpd\[1471\]: warning: u
2019-10-23 18:52:14
149.56.78.253 attack
Lines containing failures of 149.56.78.253
Oct 22 15:36:52 box sshd[3736]: Did not receive identification string from 149.56.78.253 port 54333
Oct 22 15:39:17 box sshd[3822]: Received disconnect from 149.56.78.253 port 55482:11: Normal Shutdown, Thank you for playing [preauth]
Oct 22 15:39:17 box sshd[3822]: Disconnected from authenticating user r.r 149.56.78.253 port 55482 [preauth]
Oct 22 15:39:48 box sshd[3824]: Received disconnect from 149.56.78.253 port 52058:11: Normal Shutdown, Thank you for playing [preauth]
Oct 22 15:39:48 box sshd[3824]: Disconnected from authenticating user r.r 149.56.78.253 port 52058 [preauth]
Oct 22 15:40:19 box sshd[4207]: Received disconnect from 149.56.78.253 port 48624:11: Normal Shutdown, Thank you for playing [preauth]
Oct 22 15:40:19 box sshd[4207]: Disconnected from authenticating user r.r 149.56.78.253 port 48624 [preauth]
Oct 22 15:40:49 box sshd[4210]: Received disconnect from 149.56.78.253 port 44456:11: Normal Shutdown, Thank y........
------------------------------
2019-10-23 19:05:23
72.252.211.174 attackspambots
$f2bV_matches
2019-10-23 19:15:58
103.83.81.144 attackbots
Automatic report - XMLRPC Attack
2019-10-23 18:54:51
